Date: Wed, 13 Nov 2002 09:42:02 -0600 (CST)
From: Kenny Elliott
To: freebsd-questions@freebsd.org
Subject: firewall / natd problem I think
Message-ID: <20021113094049.Q7187-100000@eagle.homedns.org>

Hello Everyone.

I have a problem that I just can't seem to figure out. I have a FreeBSD server connected to the internet via xl1, which is connected to a cable modem. This interface gets its ip dynamically via dhcp. Interface xl0 has an assigned ip address of 10.1.1.1 and is connected to an internal network. Clients on the internal network are given ip addresses in the 10.1.1.0/24 class C via dhcp. I use the homedns.org service to map the ip address that xl1 receives to eagle.homedns.org. I have configured natd to run on the server. rc.conf and ipfw output to follow.

I have an apache server running on this server and it is configured to respond to eagle.homedns.org. If I connect to the web server from the outside world it works correctly. However, if I attempt to connect to the web server from one of the internal clients the connection is VERY slow.
Accessing outside web servers from the same client works without a problem; speed is quite acceptable. This client has the same problem (very slow) when attempting to retrieve its mail from the pop server running on the freebsd box.

Hopefully someone can point me in the right direction to get this corrected. Please excuse me if I am doing anything obviously wrong here. I'm not very familiar with freebsd; I mainly have experience with Linux and Solaris.

Thanks in advance.

Kenny

Contents of my rc.conf file:

    gateway_enable="YES"
    natd_program="/sbin/natd"
    natd_enable="YES"
    natd_interface="xl1"
    natd_flags="-f /etc/natd.conf"
    tcp_drop_synfin="YES"
    # -- sysinstall generated deltas -- #
    saver="fire"
    network_interfaces="xl0 xl1 lo0"
    pccard_ifconfig="NO"
    pccard_mem="DEFAULT"
    # -- sysinstall generated deltas -- #
    routerflags=""
    ifconfig_xl0="inet 10.1.1.1 netmask 255.255.255.0"
    ifconfig_xl1="DHCP"
    router="routed"
    router_enable="YES"
    hostname="eagle.homedns.org"
    ldconfig_paths="/usr/lib /usr/local/lib /usr/local/X11R6/lib"
    named_enable="YES"
    firewall_enable="YES"
    firewall_type="OPEN"
    firewall_quiet="NO"
    firewall_script="/etc/rc.firewall"

Output of ipfw -a l:

    00100 31895 10126379 divert 8668 ip from any to any via xl1
    00100 282 11054 allow ip from any to any via lo0
    00200 1 56 deny ip from any to 127.0.0.0/8
    65000 31894 10126323 allow ip from any to any
    65535 8 1482 deny ip from any to any